Universal credit card in the palm of your hand

Do you remember the magnetic card spoofer in Terminator 2? It was a bit farfetched because apparently the device could be swiped through a reader and magically come up with working account numbers and pin numbers. We’re getting close to that kind of magic with [Jaroslaw’s] card spoofer that is button-programmable.

Building off of a project that allows spoofing via an iPod and electromagnet, [Jaroslaw] wanted something that doesn’t require a computer to put together the card code. He accomplished this by interfacing a 16-button keyboard and a character LCD with an AVR ATmega168 microcontroller. Card codes can be entered with the buttons and verified on the LCD. Of course this is still dependent on you knowing the code in the first place.

As you know, credit cards use this technology. We don’t think Walmart is going to be OK with you pulling this out in the checkout line, not to mention local five-oh. This technology is also used for building access in Universities, businesses, and hotels. If used in conjunction with some other spy technology you’ll be on your way to becoming a secret-agent-man.

I think it would be cool if this would program a card on the fly, so you keep a dummy card laying around and punch in a code, swipe it through the machine then use it as normal, or like in a past update make it so it is tethered to a card that is able to change on the fly… many possible ways to make it less conspicuous.

Magnetic stripes will be pretty scarce here in the EU in a few years time when all the credit cards switch to using the EMV chip instead… No more universal credit card since the EMV chips are very very difficult to duplicate.

@dbear: i like where you’re going with this. on some short-lived sci-fi show called “Time Trax”, a 22nd century “fugitive retrieval” cop named “Darien Lambert” carried around a credit card sized supercomputer called “SELMA”. he had “unlimited credit” from any ATM and could hack any computer available.

A (super)computer that could be built to the same size and thickness of a credit card.

Electronic Lock brute-forcing predates WWW. These devices have been shown in evidence in FBI documentaries. They are just almost non-existent in public view. The closest thing to documentation I’ve seen was work done about a year ago with a transformer or something in a cut out card.

The T2 thing is feasible given you could throw the ATM firmware in a loop through mag stripe data continuity or something. I doubt it’s possible now, but maybe back then.

This could be even more stealthy if one were to use the magnetic strip on a credit card and had a ribbon cable back to the device. This could be fed through ones sleeves. This would make it look like you are actually using a real card.

Nice! Now, put it in a professional package, and have a bunch of buttons; each corresponds to a different card. You can get rid of all your swipe cards that way! Though I suppose that unless you have upwards of 20 cards, that wouldn’t be all that worthwhile.

Why not setup your own card readers and locks? physical honey pots. Should work for RFID, pins, etc. or intercept the signal from the pad/reader. beware: most have light sensors underneath to detect removal-from-wall/tampering [and often cameras nearby]

Blackboard access control. that is the newer style reader. was by ATT Campus Wide systems in early life. very expensive because of proprietary reader/controller configurations old ones ran on rs-485 they finally went the way of TCP/IP but still very expensive boards. and as with most magnetic physical contact type interfaces, they wear out. BB charges 150$ just to open the reader plus inflated parts charges… have 400 reader systems coming offline because of better technologies.. you want some?

I think that the device will not work if the reader has the full ISO1-2-3 heads, cause the electromagnet “sends” the same signal on all of three heads, that must have different signals. In my opinion, it can work only for a single ISO track reader.

I had an idea like this. I was going to make the card spoofer from the instructable, but instead of using an ipods headphone jack i was going to use a bluetooth headset i have that got the speaker and mic ripped off (dog). i planned on putting a plug on the speaker for hooking it up to better headphones anyway.

Some years ago, in France, there was fake credit cards called “yescard”, and you could buy anything with any pin code in any shop.
Money was coming from nowhere (well, in the end it was the banks who were paying for it).

I THINK THAT IF U HAD A OLD CREDIT OR DEBIT CARD LAYIN AROUND U COULD SOTTER 2 WIRES ON2 THE MAGNETIC STRIP OF IT 1 ON EACH SIDE AND CONNECT THE OTHER SIDE OF THOSE 2 WIRES 2 A 9V BATTERY HIDDEN IN UR SLEVE WITH A SWICTH 2 TURN THE POWER ON AND OFF

Hi, possibly this posting might be off topic but anyways, Having gone surfing about your site and it seems extremely professional. It is obvious you know your subject and you appear fervent about it. I am setting up a new website and I’m attempting to make it look good, and provide quality information. Having acquired a good deal at this internet site in addition to I anticipate more quality content and will be coming back soon. Many thanks.

I didn’t think that Martin would go to MWR until I saw that his brother is there. Ryan Truex used to drive a EGR car that I think Martin co-owned. Now that Ryan is racing for Micheal, I’m almost positive that’s where he’s going. (It probably doesn’t mean anything that Ryan is racing there considering he’s the younger brother, but it kind of makes you think.) I’d much rather see him at Stewart-Haas and I think that Bass Pro would follow him there.